WHAT PERSONAL DATA WE COLLECT AND WHY WE COLLECT IT
Information on the processing of personal data pursuant to EU Regulation 2016/679, Legislative Decree 101/2018 and subsequent amendments.
This information concerns the Users of the website www.simgears.com who interact with it or its services, excluding any other web addresses belonging to other domains and reachable through links, even if present on the simgears.com website.
Simgears is a brand owned by Plexismart S.r.l.
The Data Controller is Plexismart S.r.l. (from now on: the Owner / the Data Controller), with registered office in Via Ugo Ojetti, 472/474 – 00137 Rome – Italy, and operational headquarters in Via Monte Nero, 55 – 00012 Guidonia Montecelio (RM) – Italy, which can be contacted by e-mail at firstname.lastname@example.org or, alternatively, by telephone or by sending mail to the addresses indicated in this site in the “contacts” section or in the footer of the site itself.
You can browse our site without revealing any personal information about you.
If you choose to accept cookies, some navigation data could be used for statistical and marketing purposes.
The personal data collected through this site may be processed not only by the Owner, but also by the Owner’s employees authorized to process them and by the Data Processors appointed by the Owner.
In case of data processing for contractual obligations (such as the purchase/order of a good/service through this site), the Owner may communicate the data to the partners/subjects involved in the operation (for example, he may communicate the data to the forwarding agent in case of home delivery), as well as fiscal obligations.
PURPOSE OF DATA PROCESSING
The personal data collected in this site are intended for purposes related to:
- direct communication;
- contractual, sales and shipment fulfillment;
- data collection for statistical and marketing purposes;
- User interaction with the Website;
- blacklisting if necessary for security and spam protection purposes;
- possible communications to control and judicial authorities in case of serious violations of legality.
Personal data are processed using electronic and computerized instruments: the processing is carried out in security, therefore specific measures are adopted to protect, both physical and computerized, the servers that host such data, as well as the access devices to such data, or the physical premises where they are stored.
This site is accessible via SSL connection for greater security of data transmission. In the event that this site, or the server that hosts it, or the Owner’s devices are subject to violations (illegal intrusions into the systems, etc.), if it is considered that such violations present high risks for the Interested Parties, the Owner will notify users according to the terms of the law, to the extent that this is feasible.
The security of personal data, in particular those relating to financial instruments (such as credit card, paypal, postepay and the like), it is essential for all those who make purchases via the Internet.
The first guarantee of security and reliability that a Web site e-commerce can offer users, is to have an address well known and easily traceable, an Internet domain officially registered in his name, a clear indication of the postal and landline phone number of the office of the company.
Are then necessary security measures implemented by the data controller to prevent the loss of data, illicit or incorrect and unauthorized access.
Finally you need a credit card data security for the protection of transmission of information.
All these things are scrupulously respected by Simgears.com
The Owner, to minimize any risks concerning the privacy, availability and integrity of personal information collected and processed, has taken all the minimum security measures provided by the law.
Our site uses SSL protection with up to 256-bit for the protection of transmission of information with security certificate signed by Aruba Spa, the service provider of e-commerce, and resides on our provider.
The processing of data collected through this site is authorized by the interested party for one or more specific purposes (indicated in the dedicated paragraph).
In some cases, for example those related to the sale of a product/service through this site, the processing of data is necessary for tax purposes.
Cookies, when accepted, are explicitly authorized by the interested party at the time of the first access to the site, except for the necessary ones. For specifications on cookies, see the relevant section.
DURATION OF DATA PROCESSING
The data will be kept for the time necessary to achieve the purposes for which they were collected, unless explicitly requested by the interested party, who may request their cancellation at any time.
Where the retention of data is connected to the sale of a product/service through this site, the retention time is subject to the terms established by law: they will be collected for 10 years from the latest transaction.
With regard to data relating to e-mails received through the Website info and support addresses, the duration is related to the conversation that is established following the communication and any proven interest on the part of the sender, which could justify an extended period of retention: they will be collected for 10 years from the latest contact.
For the duration of cookies, please refer to the appropriate section.
The terms of collecting data for the newsletter service depend on the User interest: he can request cancellation at any time. If no cancellation is requested, the newsletter service will continue to collect data.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
User registration data are retained indefinitely or until a User edits or deletes his personal information or account.
MANDATORY OR OPTIONAL NATURE OF DATA PROCESSING
If a user places an order through this site or wants to register an account, it will be necessary to communicate some data in order to complete the operation.
Users who use the site only for consultation have the possibility to opt for the blocking of cookies, excluding some technical cookies for which no preventive blocking procedure is required.
TYPES OF DATA PROCESSED
The personal data collected by this site may be provided spontaneously by the user when sending communications or purchasing goods/services. Other data, which do not explicitly refer to the user’s authentication, may be collected during navigation on the site also to allow better use.
No sensitive data are collected in any way, and therefore inherent to health, judicial situations, race, religion, political orientation and all other data concerning the person in the intimate sphere.
The data is collected under secure (encrypted) connection and therefore with secure transfer of information.
Some data, the transmission of which is implicit in the use of Internet communication protocols, is acquired through the navigation of this website. These data concern telematic traffic and include, but are not limited to: IP addresses or domain names of computers used by users connecting to the Web sites, the URI (Uniform Resource Identifier) of requested resources, time of request, the method used to make the request to the server, the size of the file obtained in response, the numerical code indicating the status of response from the server (successful, error, etc.) and other parameters regarding the operating system and computer environment.
The above data are used for statistical purposes relating to visits to the site, or for the purposes of its proper functioning. Please note that the IP addresses used in the statistics are “anonymized”, thus not allowing the user to be traced back. In any case, these data are not directly identifiable of the person who makes the navigation. It must be said that in case of violations of legality, there could be the possibility that the authorities have access to the server and can, through processing and association with other data, identify a subject.
Particular procedures could be used to ascertain responsibility in case of computer crimes: in this case the data will be collected and stored for the purpose of ascertaining responsibility for any damages.
Your data will be processed for purposes related to internal activities of our company, activities instrumental to the management of the contract.
The data collected may include: name, date of birth, address, telephone number, email address and sometimes financial information, such as the number of credit card or checking account; transaction information you put in place on the site (for example, offers, purchases and sales related to your account); information relating to shipping, billing and other information you provide to purchase or ship an item; more information you have provided. Data will not be disseminated in any way.
The same data may eventually be passed on to the organs and bodies in charge, if this is legally obtainable.
Your personal data will be using instruments to ensure their security and confidentiality and can be done either through papers with both tools.
The data may relate to the collection, recording, organization, storage, processing, modification, selection, extraction, utilization, communication, blocking, erasure and destruction.
For Users that register on this Website (if any), we store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username).
All data collected through the registration procedure on simgears.com will be linked to an account, password protected. Your password is the only “key” that will let you access your Simgears.com. Use numbers, letters and special characters and do not reveal your password to third parties. If you choose to give your password or your personal information to third parties, you will be responsible for all acts committed with the use of your account. If you lose control of your password, you may not be able to control the use that is made of your personal information and be subject to legally binding actions taken on your behalf. Therefore, if for any reason your password is compromised, you should report it to Simgears.com and change it immediately.
The data collected regarding users who send communications to the e-mail addresses of this Website concern information necessary for the purposes of communication and the needs dictated by such communication.
The data collected through registration on the Website includes data necessary for the basic identification of the user; this data may also be expanded at a later date at the user’s discretion.
The data collected through the order form / direct purchase of products on this Website includes data necessary to ensure that the order is successful and is fiscally valid.
In case of an invoicing request, it will also be necessary to provide company data.
Should the content of the contact e-mail, or of the “notes” during the purchase/order process, include further personal data, these will be considered as spontaneously provided by the interested party.
DATA COLLECTED THROUGH INTEGRATED SERVICES
Users have the possibility to subscribe to the newsletter of the website, managed through the Mailchimp service, by submitting their e-mail address and their nickname or real name.
If Users demonstrate their willingness to subscribe to the newsletter during checkout, additional data, such as first and last name, address, telephone and others, will be collected.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Other data, even if anonymous, concern cookies, for which please refer to the appropriate section.
RIGHTS OF THE DATA SUBJECT
The Data Subject may exercise the following rights at any time by making a request to the Data Controller:
The Data Subject may ask the Data Controller to confirm whether or not his/her data is being processed and, if so, to receive information on the purposes, categories of data, recipients, storage, existence of the right to rectification / cancellation / limitation, existence of the right to complain, possible origin of the data, existence of profiling, existence of adequate guarantees in case of data transfer to countries outside the EU. This right may be exercised by contacting the Data Controller directly, as it is not possible, for the means currently available to the Data Controller, to provide remote access to the Data Subject. The Data Subject may also ask the Data Controller for a copy (free of charge in case of electronic format) of the data in its possession.
The Data Subject may ask the Data Controller to correct or supplement his/her data if they are inaccurate or incomplete (including by providing a supplementary statement).
The Data Subject may ask the Data Controller to delete his or her data (“right to be forgotten”) in the cases in which:
– the data are no longer necessary with respect to the purposes for which they were collected or processed,
– the data subject wishes to revoke the consent given and there is no other legal basis for further processing of the consent given,
– the interested party wants to oppose a treatment and there is no legitimate reason to proceed with such treatment,
– personal data have been processed unlawfully,
– data must be deleted to comply with a legal obligation of the EU or Italian,
– data have been collected regarding the offer of information society services to minors (generally minimum 16 years old in Europe – 14 years old in Italy).
The above may apply unless a legal obligation of the Data Controller prevails or the processing is necessary for the defense, verification or exercise of a right in court, in addition to other cases of public security or public interest.
The Data Subject may ask the Data Controller to limit the processing of data in the cases in which:
– there is a dispute as to the accuracy of the data,
– the treatment is illegal and the person concerned opposes the cancellation of the data,
– the data are necessary to ascertain, defend or exercise a right of the interested party even if the Data Controller no longer needs them,
– the Data Subject has opposed the processing of the data and there are ongoing checks on the prevalence of legitimacy of the processing between the Data Subject and the Data Controller.
The Data Subject may ask the Data Controller to receive the data concerning him/her in a structured, commonly used and readable format, in cases where the processing is based on consent or on a contract.
He may also request the direct transmission of his data from one Data Controller to another, if technically feasible.
This right may be exercised if this does not prejudice other aspects of a legal nature and does not harm the freedom of others.
The Data Subject may object, if in a particular situation in which the legitimate interests of the Data Controller prevail, to the processing of the data if the data are subject to profiling.
The Data Subject may also object at any time to the processing of data for direct marketing purposes by the Data Controller.
The Data Subject who considers that the treatment that concerns him/her violates the current provisions of law has the right, without prejudice to any other administrative or judicial recourse, to lodge a complaint with the Data Protection Authority.
The personal data collected through this site are located and stored within the European Union and in some cases, depending on the services, may be transferred internationally.
Simgears in fact uses services of Google, Mailchimp, Facebook and others, which also host their data on servers outside the European Union. The Data Controller uses, in any case, service providers who prove to have the necessary certifications regarding the transfer of data at international level, with an adequate level of protection.
COMPETENT FORUM AND AUTHORITY
For any controversy is competent the Court of Rome and the Control Authority is the Italian Privacy Authority.
You can find the model for the exercise of rights regarding the protection of personal data at the following address: